NoRef.io is a free website/service that you can use to hide the user’s HTTP referer when clicking on hyperlinks you create.
In building NoRef.io, quite a number of performance and privacy considerations went into designing the service, namely:
- Fast, really fast: the page should load in less than 100ms
- No server can should be able to see the redirect URL
- Reliable service
So, let’s see how we can accomplish all these goals.
- Very small page size < 5 kb
- Fast load time < 100 ms over typical network
- The service should load with a single HTTP call, keeping all JS and CSS inline (inside one HTML page)
- Service is cacheable by a CDN’s edge network and the users’ web browsers (apply proper cache-control headers)
- Deliver page over gzip (compressed)
- Fast DNS service
So, how fast does it load?
UPDATE: this post doesn’t reflect the performance of the new version of noref.io.
Google Chrome measured it at <80ms. Sweet!
The goal is to make sure the redirect URLs are not recorded by the server (or any server). To accomplish that
- Require page to be loaded under HTTPS, to prevent eavesdropping or man-in-the-middle attacks
The website should be served with redundancy, and cached by the CDN in case the server is unavailable.
For this task, we’ll utilize Cloudflare’s Always Online™ feature.
Web Server <-> CDN (CloudFlare) Edge Network <-> User
Cloudflare will store a copy of your website and serve that to your visitors if your server is ever unreachable.
Never miss new posts
Get the latest tech innovation news from Ryan delivered straight to your inbox!